CVE-2026-11571 PUBLISHED

Everest Forms < 3.5.0 - Unauthenticated Sensitive Information Exposure via Residual CSV Artifacts

Assigner: WPScan
Reserved: 08.06.2026 Published: 09.07.2026 Updated: 09.07.2026

The Everest Forms WordPress plugin before 3.5.0 does not reliably delete temporary CSV files generated during email-notification processing and leaves them publicly accessible in the uploads directory, allowing unauthenticated attackers to retrieve other users' form submission records via predictable, enumerable filenames.

Product Status

Vendor Unknown
Product Everest Forms
Versions Default: unaffected
  • affected from 0 to 3.5.0 (excl.)

Credits

  • Duy Tran finder
  • WPScan coordinator

References

Problem Types

  • CWE-200 Information Exposure CWE